272 01-28006-0072-20041105 Fortinet Inc.
Certificates VPN
4 Configure the Subject Information that identifies the FortiGate unit being certified.
Preferably use an IP address or domain name. If this is impossible (such as with a
dialup client), use an email address.
• For Host IP, enter the public IP address of the FortiGate unit being certified.
• For Domain name, enter the fully qualified domain name of the FortiGate unit being
certified. Do not include the protocol specification (http://) or any port number or
path names.
• For E-mail, enter the email address of the owner of the FortiGate unit being
certified. Typically, email addresses are entered only for clients, not gateways.
5 Configure the Optional Information to further identify the object being certified.
6 From the Key Size box, select 1024 Bit, 1536 Bit or 2048 Bit. Larger keys are slower
to generate but more secure. Not all FortiGate units support all three key sizes.
7 Select OK.
The request is generated and displayed in the Local Certificates list with a status of
Pending.
8 Select the Download button to download the request to a PC on the local network.
9 In the File Download dialog box, select Save.
10 Name the file and save it on the local file system.
11 Submit the request to your CA as follows:
• Using the web browser on the local PC, browse to the CA’s web site.
• Follow the CA instructions to place a base-64 encoded PKCS#10 certificate
request and upload the certificate request.
• Follow the CA instructions to download their root certificate, and then install the
root certificate on the FortiGate unit.
Optional Information fields (step 5):
Organization Unit   Name of your department.
Organization        Legal name of your company or organization.
Locality (City)     Name of the city or town where the FortiGate unit is installed.
State/Province      Name of the state or province where the FortiGate unit is installed.
Country             Select the country where the FortiGate unit is installed.
e-mail              Contact email address. The CA may choose to deliver the digital certificate to this address.
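The Subject Information rules in step 4 and the key sizes in step 6 can be checked before a request is generated. The following is an added example, not part of the Fortinet guide or any FortiGate tool: check_request, is_fqdn, the ID type names and the list of non-public ranges are hypothetical, and the Host IP is assumed to be IPv4.

```python
import ipaddress
import re
KEY_SIZES = {1024, 1536, 2048}  # choices in the Key Size box (step 6)
# Assumption of this example: addresses in these ranges are not "public".
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/3")]
LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")
EMAIL = re.compile(r"[^@\s]+@[^@\s]+")

def is_fqdn(name):  # two or more valid DNS labels, non-numeric last label
    labels = name.split(".")
    return (len(name) <= 253 and len(labels) >= 2 and not labels[-1].isdigit()
            and all(LABEL.fullmatch(l) for l in labels))

def check_request(id_type, value, key_bits, is_gateway=True):
    """Return a list of problems with the planned request; empty means none."""
    problems = []
    if key_bits not in KEY_SIZES:
        problems.append("key size is not 1024, 1536 or 2048")
    if id_type == "host_ip":
        try:
            ip = ipaddress.IPv4Address(value)
            if any(ip in net for net in NON_PUBLIC):
                problems.append("not a public IP address")
        except ValueError:
            problems.append("not an IPv4 address")
    elif id_type == "domain":
        rest = value.split("://", 1)[-1]
        host, _, path = rest.partition("/")
        name, _, port = host.partition(":")
        if "://" in value:
            problems.append("remove the protocol specification")
        if port:
            problems.append("remove the port number")
        if path or rest.endswith("/"):
            problems.append("remove the path")
        if not is_fqdn(name):
            problems.append("not a fully qualified domain name")
    elif id_type == "email":
        if not EMAIL.fullmatch(value):
            problems.append("not an email address")
        elif is_gateway:
            problems.append("email IDs are typically for clients, not gateways")
    else:
        problems.append("unknown ID type")
    return problems

# Constructed sample: a gateway request with a URL pasted into Domain name.
print(check_request("domain", "http://vpn.example.com:8443/login", 2048))
```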